Cyber Security Today – Who do you trust on the internet? A look at three scams

COVID, LinkedIn scams take advantage of your trust.

Welcome to Cyber Security Today. It’s Monday June 22nd. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.

Today’s podcast deals with three scams, which, like most cons involve taking advantage of your trust.

 

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

I’ll start with reporting that millions of employees in the United States, the U.K., and four other countries may open their email today to find COVID-19 themed phishing messages laced with malware. According to the ZDNet news service, a cybersecurity company called Cyfirma says it’s part of an email blitz that allegedly will have started Sunday by a North Korean-based hacker team dubbed the Lazarus Group. Cyfirma said it found plans for the attack on a Korean-language hacker forum. To seem convincing the messages will appear to come from government agencies or trade associations offering employees or businesses financial support to get through the pandemic. The messages will ask recipients to go to websites controlled by the attackers and disclose personal information that presumably would be used for fraud. Other alleged targeted countries are Singapore, South Korea, Japan and India. Computer emergency response teams in all six countries have been notified. Regardless of whether this alert is accurate there’s no doubt hackers are using the pandemic to create COVID-19 scams. Last week Microsoft reported pandemic-themed attacks peaked in mid-March and have been declining since –hopefully because people and anti-malware software are smart enough to recognize them. But attacks increase in different countries, often based on headline-making events — for example, news of a local spike of COVID cases or deaths.

Another COVID-related scam was detailed last week by Juniper Networks, which makes equipment for running corporate networks. Email messages to employees went out last month that appears to come from the U.S. Department of Labor about changes to federal family and medical leave legislation. For more information they have to click on the attached document. That document carries malware that looks for login usernames and passwords on infected computers for Canadian and American banks and U.S. cellphone companies. There’s a tip-off this might be fraud: The message comes from the so-called “COVID-19 Center.” For companies one lesson is to keep reminding employees that COVID scams are rampant. For individuals, protect your bank accounts with two-factor authentication. Check with your financial institution to see if it is offered, and if so, how to set it up.

Exploiting people’s trust is a prime strategy by hackers. For example, trust that a COVID email comes from a government department. Here’s another: Trust that a job offer on LinkedIn really comes from the company making the offer. Security company ESET has uncovered a big espionage scam against aerospace and defence companies that used LinkedIn. The attackers created fake LinkedIn accounts, with photos, pretending to be HR officials from big companies like Collins Aerospace and General Dynamics. Then they sent messages to specific people in firms, selected by their LinkedIn profiles as likely to be interested by a job offer. Once the victim replied the attackers would send email messages that included an attached file with corporate or job information. But the file was infected. Now the victim’s computer was compromised, allowing the attacker to read their email. From there the attacker could try to get into the victim company’s system to steal data.

As I’ve said before, don’t trust everything on the Internet.

That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cybersecurity professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer. Former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, Howard has written for several of ITWC's sister publications, including ITBusiness.ca. Before arriving at ITWC he served as a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Follow this Cyber Security Today

More Cyber Security Today